plc.d/packages

   1 #!/bin/bash
   2 # $Id$
   3 # $URL$
   4 #
   5 # priority: 1200
   6 #
   7 # Update node package repository metadata and sign packages
   8 #
   9 # Mark Huang <mlhuang@cs.princeton.edu>
  10 # Copyright (C) 2006 The Trustees of Princeton University
  11 #
  12
  13 # Source function library and configuration
  14 . /etc/plc.d/functions
  15 . /etc/planetlab/plc_config
  16
  17 # Be verbose
  18 set -x
  19
  20 case "$1" in
  21     start)
  22         if [ "$PLC_BOOT_ENABLED" != "1" ] ; then
  23             exit 0
  24         fi
  25
  26         MESSAGE=$"Signing and indexing node packages"
  27         dialog "$MESSAGE"
  28
  29         shopt -s nullglob
  30
  31         shift
  32         if [[ -z "$@" ]] ; then
  33             # use all subdirs in install-rpms by default
  34             repositories=/var/www/html/install-rpms/*
  35         else
  36             # else use argv
  37             repositories="$@"
  38         fi
  39
  40         ### availability of repo indexing tools
  41         # old one - might be needed for old-style nodes
  42         type -p yum-arch > /dev/null && have_yum_arch="true"
  43         # new one
  44         type -p createrepo > /dev/null && have_createrepo="true"
  45
  46
  47         ### copy vserver-PLDISTRO* and vserver-systemslices-PLDISTRO*
  48         ### pacakges to each repository to be able to create different
  49         ### flavours of vservers on nodes
  50         for repository1 in $repositories; do
  51             DISTRO=${PLC_FLAVOUR_SLICE_PLDISTRO}
  52             VSERVER_PKG=vserver-$(basename $repository1)
  53             VSERVER_SYS_SLICES_PKG=vserver-systemslices-$(basename $repository1)
  54             for repository2 in $repositories; do
  55                 if [[ $(basename $repository1) == ${DISTRO}* ]]  \
  56                     && [[ $(basename $repository2) == ${DISTRO}* ]] \
  57                     && [[ $repository1 != $repository2 ]] ; then
  58                         ln -s $repository1/${VSERVER_PKG}* $repository2
  59                         ln -s $repository1/${VSERVER_SYS_SLICES_PKG}* $repository2
  60                 fi
  61             done
  62         done
  63
  64         for repository in $repositories ; do
  65             # the rpms that need signing
  66             new_rpms=
  67             # and the corresponding stamps
  68             new_stamps=
  69             # is there a need to refresh yum metadata
  70             need_yum_arch=
  71             need_createrepo=
  72
  73             # right after installation, no package is present
  74             # but we still need to create index
  75             [ -n "$have_yum_arch" -a ! -f $repository/headers/header.info ] && need_yum_arch=true
  76             [ -n "$have_createrepo" -a ! -f $repository/repodata/repomd.xml ] && need_createrepo=true
  77
  78             for package in $(find $repository/ -name '*.rpm') ; do
  79                 stamp=$repository/signed-stamps/$(basename $package).signed
  80                 # If package is newer than signature stamp
  81                 if [ $package -nt $stamp ] ; then
  82                     new_rpms="$new_rpms $package"
  83                     new_stamps="$new_stamps $stamp"
  84                 fi
  85                 # Or than yum-arch headers
  86                 [ -n "$have_yum_arch" ] && [ $package -nt $repository/headers/header.info ] && need_yum_arch=true
  87                 # Or than createrepo database
  88                 [ -n "$have_createrepo" ] && [ $package -nt $repository/repodata/repomd.xml ] && need_createrepo=true
  89             done
  90
  91             if [ -n "$new_rpms" ] ; then
  92                 # Create a stamp once the package gets signed
  93                 mkdir $repository/signed-stamps 2> /dev/null
  94
  95                 # Sign RPMS. setsid detaches rpm from the terminal,
  96                 # allowing the (hopefully blank) GPG password to be
  97                 # entered from stdin instead of /dev/tty.
  98                 echo | setsid rpm \
  99                     --define "_signature gpg" \
 100                     --define "_gpg_path /etc/planetlab" \
 101                     --define "_gpg_name $PLC_MAIL_SUPPORT_ADDRESS" \
 102                     --resign $new_rpms && touch $new_stamps
 103                 check
 104             fi
 105
 106             # Update repository index / yum metadata.
 107
 108             if [ -n "$need_yum_arch" ] ; then
 109                 # yum-arch sometimes leaves behind
 110                 # .oldheaders and .olddata directories accidentally.
 111                 rm -rf $repository/{.oldheaders,.olddata}
 112                 yum-arch $repository
 113                 check
 114             fi
 115
 116             if [ -n "$need_createrepo" ] ; then
 117                 if [ -f $repository/yumgroups.xml ] ; then
 118                     createrepo --quiet -g yumgroups.xml $repository
 119                 else
 120                     createrepo --quiet $repository
 121                 fi
 122                 check
 123             fi
 124         done
 125
 126         result "$MESSAGE"
 127         ;;
 128     clean)
 129         shift
 130         if [[ -z "$@" ]] ; then
 131             # use all subdirs in install-rpms by default
 132             repositories=/var/www/html/install-rpms/*
 133         else
 134             # else use argv
 135             repositories=$@
 136         fi
 137
 138         for repository in $repositories ; do
 139             rm -rf $repository/signed-stamps
 140             rm -rf $repository/repodata
 141             rm -rf $repository/headers
 142         done
 143         ;;
 144     *)
 145         echo "Usage: $0 start|clean [repo ..]"
 146         ;;
 147 esac
 148
 149 exit $ERRORS